From patchwork Tue Jul 2 13:21:37 2024
X-Patchwork-Submitter: Yosry Ahmed
X-Patchwork-Id: 13719647
Date: Tue, 2 Jul 2024 13:21:37 +0000
In-Reply-To: <20240702132139.3332013-1-yosryahmed@google.com>
References: <20240702132139.3332013-1-yosryahmed@google.com>
Message-ID: <20240702132139.3332013-2-yosryahmed@google.com>
Subject: [RESEND PATCH v3 1/3] x86/mm: Use IPIs to synchronize LAM enablement
From: Yosry Ahmed
To: x86@kernel.org
Cc: Thomas Gleixner, Ingo Molnar, Borislav Petkov, Dave Hansen, "H. Peter Anvin", Andy Lutomirski, Peter Zijlstra, "Kirill A. Shutemov", Rick Edgecombe, Andrew Morton, linux-mm@kvack.org, linux-kernel@vger.kernel.org, Yosry Ahmed

LAM can only be enabled when a process is single-threaded. But _kernel_ threads can temporarily use a single-threaded process's mm.

If LAM is enabled by a userspace process while a kthread is using its mm, the kthread will not observe LAM enablement (i.e. LAM will be disabled in CR3). This could be fine for the kthread itself, as LAM only affects userspace addresses. However, if the kthread context switches to a thread in the same userspace process, CR3 may or may not be updated because the mm_struct doesn't change (based on pending TLB flushes).
If CR3 is not updated, the userspace thread will run incorrectly with LAM disabled, which may cause page faults when using tagged addresses. Example scenario:

CPU 1                                   CPU 2
/* kthread */
kthread_use_mm()
                                        /* user thread */
                                        prctl_enable_tagged_addr()
                                        /* LAM enabled on CPU 2 */
/* LAM disabled on CPU 1 */
                                        context_switch() /* to CPU 1 */
/* Switching to user thread */
switch_mm_irqs_off()
/* CR3 not updated */
/* LAM is still disabled on CPU 1 */

Synchronize LAM enablement by sending an IPI from prctl_enable_tagged_addr() to all CPUs running with the mm_struct to enable LAM. This makes sure LAM is enabled on CPU 1 in the above scenario before prctl_enable_tagged_addr() returns and userspace starts using tagged addresses, and before it's possible to run the userspace process on CPU 1.

In switch_mm_irqs_off(), move reading the LAM mask until after mm_cpumask() is updated. This ensures that if an outdated LAM mask is written to CR3, an IPI is received to update it right after IRQs are re-enabled.

Fixes: 82721d8b25d7 ("x86/mm: Handle LAM on context switch")
Suggested-by: Andy Lutomirski
Reviewed-by: Kirill A. Shutemov
Change-Id: I7fd573a9db5fe5284d69bc46f9b3758f1f9fb467
Signed-off-by: Yosry Ahmed
--- arch/x86/kernel/process_64.c | 13 +++++++++++-- arch/x86/mm/tlb.c | 7 +++---- 2 files changed, 14 insertions(+), 6 deletions(-) diff --git a/arch/x86/kernel/process_64.c b/arch/x86/kernel/process_64.c index 6d3d20e3e43a9..e1ce0dfd24258 100644 --- a/arch/x86/kernel/process_64.c +++ b/arch/x86/kernel/process_64.c @@ -798,6 +798,16 @@ static long prctl_map_vdso(const struct vdso_image *image, unsigned long addr) #define LAM_U57_BITS 6 +static void enable_lam_func(void *__mm) +{ + struct mm_struct *mm = __mm; + + if (this_cpu_read(cpu_tlbstate.loaded_mm) == mm) { + write_cr3(__read_cr3() | mm->context.lam_cr3_mask); + set_tlbstate_lam_mode(mm); + } +} + static int prctl_enable_tagged_addr(struct mm_struct *mm, unsigned long nr_bits) { if (!cpu_feature_enabled(X86_FEATURE_LAM)) 
@@ -830,8 +840,7 @@ static int prctl_enable_tagged_addr(struct mm_struct *mm, unsigned long nr_bits) return -EINVAL; } - write_cr3(__read_cr3() | mm->context.lam_cr3_mask); - set_tlbstate_lam_mode(mm); + on_each_cpu_mask(mm_cpumask(mm), enable_lam_func, mm, true); set_bit(MM_CONTEXT_LOCK_LAM, &mm->context.flags); mmap_write_unlock(mm); diff --git a/arch/x86/mm/tlb.c b/arch/x86/mm/tlb.c index 44ac64f3a047c..a041d2ecd8380 100644 --- a/arch/x86/mm/tlb.c +++ b/arch/x86/mm/tlb.c @@ -503,9 +503,9 @@ void switch_mm_irqs_off(struct mm_struct *unused, struct mm_struct *next, { struct mm_struct *prev = this_cpu_read(cpu_tlbstate.loaded_mm); u16 prev_asid = this_cpu_read(cpu_tlbstate.loaded_mm_asid); - unsigned long new_lam = mm_lam_cr3_mask(next); bool was_lazy = this_cpu_read(cpu_tlbstate_shared.is_lazy); unsigned cpu = smp_processor_id(); + unsigned long new_lam; u64 next_tlb_gen; bool need_flush; u16 new_asid; @@ -619,9 +619,7 @@ void switch_mm_irqs_off(struct mm_struct *unused, struct mm_struct *next, cpumask_clear_cpu(cpu, mm_cpumask(prev)); } - /* - * Start remote flushes and then read tlb_gen. - */ + /* Start receiving IPIs and then read tlb_gen (and LAM below) */ if (next != &init_mm) cpumask_set_cpu(cpu, mm_cpumask(next)); next_tlb_gen = atomic64_read(&next->context.tlb_gen); @@ -633,6 +631,7 @@ void switch_mm_irqs_off(struct mm_struct *unused, struct mm_struct *next, barrier(); } + new_lam = mm_lam_cr3_mask(next); set_tlbstate_lam_mode(next); if (need_flush) { this_cpu_write(cpu_tlbstate.ctxs[new_asid].ctx_id, next->context.ctx_id);
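
Review bot: in the first process_64.c hunk, enable_lam_func() skips any CPU whose cpu_tlbstate.loaded_mm is not this mm, but nothing in the function says why that is safe for a CPU that is set in mm_cpumask(mm). A short comment above the check stating that such a CPU reads the LAM mask in switch_mm_irqs_off() the next time it loads this mm would make the invariant explicit. As a style point, the helper reads mm->context.lam_cr3_mask directly while the tlb.c side of the same patch goes through mm_lam_cr3_mask(next); using the accessor here too would keep the two sides consistent.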
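
Review bot: in the second process_64.c hunk, the on_each_cpu_mask(mm_cpumask(mm), enable_lam_func, mm, true) call carries no comment on the ordering it depends on, which is currently stated only in the commit message. The call samples mm_cpumask(mm) once, so a CPU that sets its bit afterwards is covered only because switch_mm_irqs_off() now reads the LAM mask after cpumask_set_cpu(); a comment at the call site recording that pairing would help anyone who later touches either side. It is also worth noting there that the call waits for all target CPUs (last argument true) before mmap_write_unlock(mm) is reached.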
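
Review bot: in the last tlb.c hunk, the new "new_lam = mm_lam_cr3_mask(next);" line has no comment at the assignment saying that it must stay after cpumask_set_cpu(cpu, mm_cpumask(next)); the only hint is "(and LAM below)" in the comment changed by the previous hunk, which is easy to miss if the read is hoisted in a later cleanup. A one-line comment at the assignment would pin the requirement where it matters. Since the first tlb.c hunk drops the initializer from the declaration, please also confirm that no path between the declaration and this assignment uses new_lam, as the lines in between are not part of the diff.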